Sign-In Integrations

rpvw

• September 29, 2018 03:11

caveat venditor It was revealed that Facebook has had as many as 90 million account profiles exposed due to a code error that was introduced in July 2017. Apart from exposing private profiles, this error allowed account access tokens to be stolen, potentially allowing miscreants to use them to log into any other account or service that was connected to a Facebook account. Any server operator who has allowed their users an ability to log into any account using a connected Facebook account may want to re-appraise their policy. Facebook reports that all the security holes surrounding this exploit have now been patched, and that in theory, all access tokens already in use should have now been annulled or expired. Further information can be obtained from Security Update | Facebook Newsroom

• 

  cPanelMichael

  • October 01, 2018 14:43

  Hi @rpvw, Thanks for sharing!

  0
• 

  Anupam SG

  • October 02, 2018 13:54

  IMHO, the sign-in integrations should not even exist for cPanel. It just adds an additional point of failure in server security. I was unpleasantly surprised when I saw this feature introduced in the WHM release. Ease of access =/= robust security.

  0

Please sign in to leave a comment.